Example #1
0
 public function testFlow()
 {
     $testCase = $this;
     $http = new Http(new Callback(function ($request) use($testCase) {
         $body = new TempStream(fopen('php://memory', 'r+'));
         $response = new Response();
         $response->setBody($body);
         $testCase->loadController($request, $response);
         return $response;
     }));
     $oauth = new Oauth($http);
     // request token
     $response = $oauth->requestToken(new Url('http://127.0.0.1/request'), OauthTest::CONSUMER_KEY, OauthTest::CONSUMER_SECRET);
     $this->assertInstanceOf('PSX\\Oauth\\Provider\\Data\\Response', $response);
     $this->assertEquals(OauthTest::TMP_TOKEN, $response->getToken());
     $this->assertEquals(OauthTest::TMP_TOKEN_SECRET, $response->getTokenSecret());
     // authorize the user gets redirected and approves the application
     // access token
     $response = $oauth->accessToken(new Url('http://127.0.0.1/access'), OauthTest::CONSUMER_KEY, OauthTest::CONSUMER_SECRET, OauthTest::TMP_TOKEN, OauthTest::TMP_TOKEN_SECRET, OauthTest::VERIFIER);
     $this->assertInstanceOf('PSX\\Oauth\\Provider\\Data\\Response', $response);
     $this->assertEquals(OauthTest::TOKEN, $response->getToken());
     $this->assertEquals(OauthTest::TOKEN_SECRET, $response->getTokenSecret());
     // api request
     $url = new Url('http://127.0.0.1/api');
     $auth = $oauth->getAuthorizationHeader($url, OauthTest::CONSUMER_KEY, OauthTest::CONSUMER_SECRET, OauthTest::TOKEN, OauthTest::TOKEN_SECRET, 'HMAC-SHA1', 'GET');
     $request = new GetRequest($url, array('Authorization' => $auth));
     $response = $http->request($request);
     $this->assertEquals(200, $response->getStatusCode());
     $this->assertEquals('SUCCESS', (string) $response->getBody());
 }
Example #2
0
    public function testFlow()
    {
        $testCase = $this;
        $http = new Http(new Callback(function (RequestInterface $request) use($testCase) {
            // request token
            if ($request->getUri()->getPath() == '/requestToken') {
                $auth = Authentication::decodeParameters((string) $request->getHeader('Authorization'));
                $testCase->assertEquals(self::CONSUMER_KEY, $auth['oauth_consumer_key']);
                $testCase->assertEquals('HMAC-SHA1', $auth['oauth_signature_method']);
                $testCase->assertTrue(isset($auth['oauth_timestamp']));
                $testCase->assertTrue(isset($auth['oauth_nonce']));
                $testCase->assertEquals('1.0', $auth['oauth_version']);
                $testCase->assertEquals('oob', $auth['oauth_callback']);
                $testCase->assertTrue(isset($auth['oauth_signature']));
                $tmpToken = self::TMP_TOKEN;
                $tmpTokenSecret = self::TMP_TOKEN_SECRET;
                $response = <<<TEXT
HTTP/1.1 200 OK
Date: Thu, 26 Sep 2013 16:36:25 GMT
Content-Type: application/x-www-form-urlencoded

oauth_token={$tmpToken}&oauth_token_secret={$tmpTokenSecret}&oauth_callback_confirmed=1
TEXT;
            } elseif ($request->getUri()->getPath() == '/accessToken') {
                $auth = Authentication::decodeParameters((string) $request->getHeader('Authorization'));
                $testCase->assertEquals(self::CONSUMER_KEY, $auth['oauth_consumer_key']);
                $testCase->assertEquals(self::TMP_TOKEN, $auth['oauth_token']);
                $testCase->assertEquals('HMAC-SHA1', $auth['oauth_signature_method']);
                $testCase->assertTrue(isset($auth['oauth_timestamp']));
                $testCase->assertTrue(isset($auth['oauth_nonce']));
                $testCase->assertEquals('1.0', $auth['oauth_version']);
                $testCase->assertEquals(self::VERIFIER, $auth['oauth_verifier']);
                $testCase->assertTrue(isset($auth['oauth_signature']));
                $token = self::TOKEN;
                $tokenSecret = self::TOKEN_SECRET;
                $response = <<<TEXT
HTTP/1.1 200 OK
Date: Thu, 26 Sep 2013 16:36:26 GMT
Content-Type: application/x-www-form-urlencoded

oauth_token={$token}&oauth_token_secret={$tokenSecret}
TEXT;
            } elseif ($request->getUri()->getPath() == '/api') {
                $auth = Authentication::decodeParameters((string) $request->getHeader('Authorization'));
                $testCase->assertEquals(self::CONSUMER_KEY, $auth['oauth_consumer_key']);
                $testCase->assertEquals(self::TOKEN, $auth['oauth_token']);
                $testCase->assertEquals('HMAC-SHA1', $auth['oauth_signature_method']);
                $testCase->assertTrue(isset($auth['oauth_timestamp']));
                $testCase->assertTrue(isset($auth['oauth_nonce']));
                $testCase->assertEquals('1.0', $auth['oauth_version']);
                $testCase->assertTrue(isset($auth['oauth_signature']));
                $response = <<<TEXT
HTTP/1.1 200 OK
Date: Thu, 26 Sep 2013 16:36:26 GMT
Content-Type: text/html; charset=UTF-8

SUCCESS
TEXT;
            } else {
                throw new \RuntimeException('Invalid path');
            }
            return ResponseParser::convert($response, ResponseParser::MODE_LOOSE)->toString();
        }));
        $oauth = new Oauth($http);
        // request token
        $url = new Url('http://127.0.0.1/requestToken');
        $response = $oauth->requestToken($url, self::CONSUMER_KEY, self::CONSUMER_SECRET);
        $this->assertInstanceOf('PSX\\Oauth\\Provider\\Data\\Response', $response);
        $this->assertEquals(self::TMP_TOKEN, $response->getToken());
        $this->assertEquals(self::TMP_TOKEN_SECRET, $response->getTokenSecret());
        // if we have optained temporary credentials we can redirect the user
        // to grant access to the credentials
        // $oauth->userAuthorization($url, array('oauth_token' => $response->getToken()))
        // if the user gets redirected back we can exchange the temporary
        // credentials to an access token we also get an verifier as GET
        // parameter
        $url = new Url('http://127.0.0.1/accessToken');
        $response = $oauth->accessToken($url, self::CONSUMER_KEY, self::CONSUMER_SECRET, self::TMP_TOKEN, self::TMP_TOKEN, self::VERIFIER);
        $this->assertInstanceOf('PSX\\Oauth\\Provider\\Data\\Response', $response);
        $this->assertEquals(self::TOKEN, $response->getToken());
        $this->assertEquals(self::TOKEN_SECRET, $response->getTokenSecret());
        // now we can make an request to the protected api
        $url = new Url('http://127.0.0.1/api');
        $auth = $oauth->getAuthorizationHeader($url, self::CONSUMER_KEY, self::CONSUMER_SECRET, self::TOKEN, self::TOKEN_SECRET, 'HMAC-SHA1', 'GET');
        $request = new GetRequest($url, array('Authorization' => $auth));
        $response = $http->request($request);
        $this->assertEquals(200, $response->getStatusCode());
        $this->assertEquals('SUCCESS', (string) $response->getBody());
    }